[JaxPM] FW: Apache Week issue 246 (11th May 2001)
JONES, WILLIAM C
wcjones at exchange.fccj.org
Fri May 11 11:16:32 CDT 2001
On the jacksonville-pm-list; Jax.PM'er "JONES, WILLIAM C" <wcjones at exchange.fccj.org> wrote -
Recently a few asked me about what lists I was subscribed to. Over the
next few days/weeks I will forward those that I still get and also send a
few links the group memebers may be interested in.
Cheers/Sx :]
-----Original Message-----
From: Apache Week
To: apacheweek at apacheweek.com
Sent: 5/11/01 10:25 AM
Subject: Apache Week issue 246 (11th May 2001)
This is the latest edition of Apache Week. To read this issue or any
past issues, see http://www.apacheweek.com/
----------------------------------------------------------------------
APACHE WEEK
The essential weekly guide for users of the world's most popular Web
server.
Issue 246: 11th May 2001
========================== Advert ===========================
Sponsored by Secant Technologies
New ModelMethods Software Has WYMIWYG Capabilities!
Do you write code? Do you model in UML? Now, What You Model
Is What You Get (WYMIWYG). ModelMethods can automatically
generate up to 80% of your Java/EJB or C++ application
code from a UML model and deploy, manage and scale it on a
model-driven application server. Find out more www.modelmethods.com
=================================================================
In this issue
* Under Development
* In the news
* Featured Articles
Under Development
A vulnerability in the Win32 and OS/2 ports of Apache 1.3 was
[1]reported last month, involving requests with an extremely long
string of characters in the Request-URI. Such requests could crash
the server causing denial of service, but would not allow
unauthorised access to data. A fix was checked in this week by
William Rowe, who also proposed that 1.3.20 be released soon. This
vulnerability does not affect Apache running on Unix.
Talk of a new 1.3 release prompted some testing of the current code
and it was found that a change made since 1.3.19 had portability
problems, which were quickly fixed by Jim Jagielski. Some issues
with the [2]updated ApacheBench utility were also uncovered.
The APR list has seen a large amount of traffic concerning the
"stackable memory system" which has been contributed to APR by
members of the [3]Samba-TNG team. The code was checked in, though
some group members found the volume of discussion overwhelming.
The most CVS activity seen recently came in a flurry of over 30
commits in two days, as Ralf Engelschall imported the source to
version 2.8.3 of mod_ssl into the Apache 2.0 CVS tree and began the
process of porting the code to Apache 2.0 and APR.
In the news
Apache has multiple nominations for JavaWorld awards
Two Apache Software Foundation projects have been chosen as
finalists in the 2001 [4]JavaWorld Editors' Choice Awards. Tomcat
has been nominated for the "Most Innovative Java Product", and
Xalan-Java has been selected for the "Best Java-XML Technology".
Winners will be announced in June this year. Back in 1999, the
JServ servlet engine won JavaWorld Readers' Choice Awards "Best
Free Product".
E-Soft release new Apache module report
E-Soft have updated their [5]Apache Module report. This report
gives a breakdown of the popular add-on modules for Apache and
gives the percentage of Apache sites the module is found on. What
makes this report even more interesting is that for each module
there is a complete history of penetration rates spanning nearly
three years.
Meanwhile, their April 2001 [6]secure web server survey found that
Apache (and Apache-based servers) still power over 60% of all
secure sites.
Featured articles
In this section we highlight some of the articles on the web that
are of interest to Apache users.
Information Security Magazine presents an article on [7]improving
Apache and a [8]case study on companies that swear by (not at)
Apache in its April issue. It starts off by refuting the mindset
that running Apache guarantees security although it readily admits
that Apache deserves its reputation for being a secure Web server.
Then it provides the steps for installing Apache and mod_ssl,
securing the underlying Linux server, and testing Web applications
for vulnerabilities.
[9]"Setting up Apache with mySQL, Frontpage 2000 Extensions, and
PHP NHF" is a Newbieized Help File (NHF) written by Dallas Engelken
for newbies to get Apache up and running with Frontpage support in
no time at all.
At first glance, it may seem pointless to generate dynamic PDFs but
John Coggeshall discovers that the PDF features of PHP can be
implemented in all sorts of ways to make Web sites more efficient.
Read about it in [10]"Creating PDF Files in PHP".
______________________________________________________________
Comments or criticisms? Please email us at
[11]editors at apacheweek.com.
[12]Apache Week is copyright 1996-2001 by [13]Red Hat, Inc.
References
1. http://bugs.apache.org/index.cgi/full/7522
2. http://www.apacheweek.com/issues/01-04-20#dev
3. http://www.samba-tng.org/
4. http://www.javaworld.com/jw-05-2001/jw-0504-finalists.html
5.
http://www.securityspace.com/s_survey/data/man.200104/apachemods.html
6.
https://secure1.securityspace.com/cgi-bin/session/docserv?doc=/s_ssurvey
/data/index.html
7.
http://www.infosecuritymag.com/articles/april01/features1_web_server_sec
.shtml
8.
http://www.infosecuritymag.com/articles/april01/features1_web_server_sec
.shtml#case_study
9. http://www.linuxnewbie.org/nhf/intel/webserving/a_m_f1.html
10. http://www.zend.com/zend/spotlight/creatingpdfmay1.php
11. mailto:editors at apacheweek.com
12. http://www.apacheweek.com/
13. http://www.redhat.com/
------------------------------------------------------------------------
To stop receiving Apache Week, send a message to
majordomo at apacheweek.com
containing the text
unsubscribe apacheweek
Jax.PM Moderator's Note:
This message was posted to the Jacksonville Perl Monger's Group listserv.
The group manager can be reached at -- owner-jacksonville-pm-list at pm.org
to whom send all praises, complaints, or comments...
More information about the Jacksonville-pm
mailing list